Operation Manual
166
Firewall Commands
E-DOC-CTC-20040210-0030 v1.0
firewall assign
Assign a chain to an entry point. An entry point, also referred to as hook or a Packet Interception Point (PIP), is the
location where packets are intercepted to be compared against a chain of rules.
SYNTAX:
where:
EXAMPLE:
firewall assign hook = <{input|sink|forward|source|output}>
chain = <string>
hook The name of the entry point to which a chain must be assigned.
Choose between:
• input:
The point of all incoming traffic.
At this point, it can be determined whether the packet is
allowed to reach the SpeedTouch™ IP router or local host.
• sink:
The point of all traffic destined to the SpeedTouch™ IP router
itself.
At this point, it can be determined whether the packet is
allowed to address the local host.
• forward:
The point of all traffic to be forwarded by the SpeedTouch™ IP
router.
At this point, it can be determined whether the packet is
allowed to be handled, i.e. routed.
• source:
The point of all traffic sourced by the SpeedTouch™ IP router.
At this point, it can be determined whether the packet is
allowed to leave the local host.
• output:
The point of all outgoing traffic.
At this point, it can be determined whether the packet is
allowed to leave the SpeedTouch™ IP router or local host.
REQUIRED
chain The name of the chain to be used. REQUIRED
=>firewall list
assign hook=sink chain=sink
assign hook=forward chain=forward
assign hook=source chain=source
=>firewall chain create chain=Telnet
=>firewall assign hook=sink chain=Telnet
=>firewall list
assign hook=sink chain=Telnet
assign hook=forward chain=forward
assign hook=source chain=source
=>